For our latest on part shortages and other announcements, please see our updates page.

How to Connect to an SSH Server

ssh_header
Share on facebook
Share on reddit
Share on twitter
Share on linkedin
Share on email
Share on print

In our previous article, we talked about the SSH protocol. We gave a short introduction to the history of the protocol, as well as an example to abstract the operation and the inner workings of it in a very generalized way. At the end of that article, we shared the documentation of our examples.

Send Your Serial Data Securely

SB800EX-JDDW-IR-1
SB800EX-JDDW-IR

Or, learn more about NetBurner Serial To Ethernet.

In this article, we’ve provided a short user guide of what you need to know to test the functionality of an SSH server (including NetBurner applications using our wolfSSH powered library) with freely licensed software for either Windows, Linux, or Mac. 

Installing the Software

Since SSH server applications are the most common, in this article, we’ll explain how to configure and use SSH client software on your computer.

This section will explain how to install and set up SSH clients depending on your operating system.

SSH Client (Windows)

On Windows, there are a wide variety of SSH client software options, but for practical purposes, we’ll look at one of the most popular and easy to use, which is PuTTY.  

You can find the software on their official website and download the option that fits your computer architecture.

You can feel free to follow the default configuration of the installation wizard to have PuTTY installed and blindly click “Next” until it’s finished. The installer itself is relatively fast, and after a few seconds PuTTY will be installed and ready to use. When running the application, you’ll see a screen like the one shown below, which indicates that the installation was successful.

SSH Client (Command-Line, for Linux or Mac)

Most of the time, the SSH client is already integrated with the command line of Linux and Mac distributions, so you don’t have to install anything. To check that everything is in order, open a terminal and run the command:

ssh -V

This command will display the software and the SSH version used. In this case, I’m using an Ubuntu distribution of Linux, and OpenSSH is already installed and ready to go.

SSH Authentication Using User and Password

The SSH authentication using a username and password is very straightforward and easy to do.  This section will show you the steps necessary to use your SSH client to connect to an SSH server using your username and password. 

Windows

To connect to the SSH server using PuTTY on Windows, open the application and follow the steps below: 

1. In the “Host Name” (or IP address) field, write the IP address of your SSH server.

2. In the “Port” field, write the one of your SSH server; typically, it’s 22.

3. Ensure the SSH option is selected in the Connection Type section.

4. Press the “Open” button.

5. A security alert will appear asking you to accept the server’s authenticity. Click the “Accept” button.

6. A new window will appear requesting the user with a “login as” caption. Enter the user that you registered on the SSH server.

7. You’ll be prompted for the access password. Enter the value registered on the SSH server (when typing the password, you won’t see anything changing in the terminal, this is for security so that the length of your password cannot be seen).

8. If your login was successful, you’d see a message from your SSH server or the start of a terminal, which informs you that the connection was successful. The image below shows an example of a successful connection on NetBurner devices. 

9. From this point on, all the transmitted information is sent through an encrypted channel.

10. You can simply close the PuTYY window or some SSH servers respond to the “exit” command to end the connection.

Command-Line

To connect to the SSH server using the command line on Linux or Mac, follow the steps below: 1. Open a terminal. 2. Execute the following command, changing the corresponding fields with your user and the IP of your SSH server. By default, port 22 is set, but you can specify it with the parameter “-p your_port”.

ssh your_username@host_ip_address

3. A message appears to ask you to validate the server’s authenticity and type “yes”.

4. A new line appears asking for your password; enter it, followed by hitting the enter key (when typing the password, you’ll not see anything change in the terminal, this is for security so that the length of your password cannot be seen).

5. If your login was successful, you’d see a message from your SSH server or the start of a terminal, which informs you that the connection was successful. The image below shows an example of a successful connection on NetBurner devices.

6. From this point on, all the transmitted information is sent through an encrypted channel.

7. You can simply close the terminal window or some SSH servers respond to the “exit” command to end the connection.

SSH Authentication Using Keys

Another way to authenticate the SSH client to the SSH server is to use SSH keys, which is more secure than using a password because the latter can be targeted by brute-force attacks

This form of authentication is based on creating a public and private key pair. The public key will be shared with the server, and the private key will be stored on the computer and used each time the SSH client starts a connection. The server keeps a list of allowed users based on the client’s public key, and each time a connection is made, it’ll allow access if it matches the client that wants to connect. 

To authenticate using SSH keys, first, you need to generate the keys. The following steps show how to do it on Windows and command-line for Linux and Mac.

Windows

Creating Keys

1. Open PuTTYgen, which is included with the default installation.

2. PuTTY has several encryption algorithms to generate asymmetric keys. RSA is a common choice. Make sure to create it with at least 2048 bits. If the server supports it, we recommend using ECDSA, as you get smaller key sizes for the same security level. You can find the difference between some algorithms types In the following link.

3. Press the “Generate” button.

4. To generate randomness, move the mouse inside the empty area.

5. After a few seconds, a public and a private key are generated. You can add a passphrase (which is highly recommended) to make your keys more secure. Keep in mind, however, that some SSH servers do not allow this option.

6. Save the private key in a safe place by pressing the “Save private key” button.

7. To save the public key, press the “Save public key” button, or if your SSH server requires the key in another format, you can press the Conversions menu option.

8. Alternatively, you can copy the public key directly to your clipboard from the PuTTY interface in the Key section.

Authenticating with Keys

Once you have your keys, you need to provide the public key you just generated to the SSH server. This process will depend on your SSH server; the most common is a user interface in which you can upload your public key.  After sharing the public key with the SSH server, you can connect your SSH client by following the steps below.

1. Open PuTTY and enter the IP of your SSH server and the port (usually, it’s 22). Then go to the Connection -> SSH -> Auth section. In the “Authentication parameters” section, click on the “Browse…” button and choose the file with the private key generated using PuTTYgen previously.

2. Press the “Open” button. The first time a security alert appears, you must accept the server’s authenticity by pressing the “Accept” button.

3. If your login was successful, you’d see a message from your SSH server or the start of a terminal, which informs you that the connection was successful. The image below shows an example of a successful connection on NetBurner devices.

4. From this point on, all the transmitted information is sent through an encrypted channel.

5. To terminate the connection, you can simply close the terminal window. Alternatively, some SSH servers respond to the “exit” command.

Command Line

Creating Keys

1. Open a terminal. 2. Run the following command, changing the < algorithm> option to the encryption algorithm of your choice and the option to the number of bits. For RSA, it’s recommended to be at least 2048.

ssh-keygen -t < algorithm> -b

By default, if you just run ssh-keygen without any parameters, it’ll generate a key pair using RSA with 2048 bits; more recent versions use 3072 bits by default. 3. When executing the command, the interface asks where to save the key. Type the path you want, or press enter to use the default path. If you already have a key in that path, you’ll be asked if you want to overwrite it. If you have different keys for several SSH servers, you should name each key differently.

4. The next step is to write a passphrase, which will make your key more secure. You can leave it blank for no passphrase.

5. After a few seconds, you’ll see the confirmation of the creation of the key pair and the paths where these were saved.

Getting the Keys

Once you have your keys, you need to provide the public key you just generated to the SSH server. This process will depend on your SSH server; most commonly, it’ll have some sort of user interface where you can upload your public key.  With the command line, there’re two ways to provide your SSH server with the public key. Copy directly using SSH To do this, you need to use the command

sh-copy-id username@remote_host

Where username and remote host are from your SSH server. This will copy the key to the server. It’s important to note that your SSH server must have the password access option enabled. Since this is occasionally not available, you will have to do it manually. Copy it manually  To manually obtain the public key, run the following command, changing the for the name of your public key file.

cat ~/.ssh/.pub

This will print the public key in the terminal. You can copy it and provide it to your server as specified by your SSH server provider.

Authenticating with Keys

Once you have the keys and have shared the public key with the server, you can connect to the server. You can follow the same steps presented in the authentication section using a username and password. The only difference is that you will not be required to enter the password during the process.

SSH Examples with NetBurner Devices

At NetBurner, we have prepared a series of SSH Server and SSH Client examples that will help you to quickly deploy SSH applications on your favorite devices using out NNDK 3.x tools. 

The examples we currently have available are as follows:

SshMinimalClient: Use the NetBurner device as an SSH client to connect to another SSH server.

SshMinimalServer: Use the NetBurner device as an SSH server that allows connections from other SSH clients.

SshServerUserAuth: Use the NetBurner device as an SSH server that allows for user authentication. This example uses NetBurner’s UserAuth library to allow developers to manage username and authentication information.

SshServerUserKey: Use the NetBurner device as an SSH server. This example allows new SSH keys to be uploaded to the device and managed via a web interface.

Wrapping Up

Hopefully, the content of this article will be helpful for you to test your SSH applications on NetBurner systems and help you get your application to reality in no time. 

At NetBurner, we’re constantly looking for new ideas or suggestions for new content, so if you have something in mind that you would like to see in our blog, don’t hesitate to post it in the comments. Or, if you have any questions, comments, or suggestions, feel free to contact us directly; we’ll get back to you as soon as possible.

About the Author

John Doe

John Doe

Senior Embedded Firmware Developer at Luxoft.

IoT, embedded firmware, and industrial automation enthusiast.

Reader, dancer, swimmer, and dog lover.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Subscribe to our Newsletter

Get monthly updates from our Learn Blog with the latest in IoT and Embedded technology news, trends, tutorial and best practices. Or just opt in for product change notifications.

Leave a Reply

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese